Sometimes an electronic signature is confused with a digital signature. It should be pointed out that these are two completely different types of e signatures in use by organizations today. With an e signature, anyone has the ability to attach their signature to a file, email, document, form or other data-type. Once they send the data to another person, this person is able to open the data without supplying any sort of security to validate and confirm authenticity of the data. While e signatures are appropriate for certain business applications, like a signature at the bottom of an email message, for other processes and transactions a digital signature is required. A digital signature encrypts the signature once it is attached in the data. In order to decrypt the signature, people need to have a copy of the signer’s digital certificate containing their public key. Without this digital certificate, they are unable to access or open the data.
It is important that organizations never complete electronic business transactions, such as purchase requisitions, sales orders and financial transactions, using a generic electronic signature. This is because anyone has the ability to attach an e signature and later there is no way to confirm the authenticity of the signature. If a transaction were to be approved and completed without confirming authenticity, not only could it affect your organization, but it might also have an impact on the other party involved in the transaction. The only way to protect your business is to use digital signatures contained within digital certificates.